The Difference between Hybrid WAN and SD-WAN


The Difference between Hybrid WAN and SD-WAN

2018.01.23 16:54:44 Source:CBCcom

The two terms hybrid WAN and SD-WAN are often wrongly treated as interchangeable. Hybrid WAN is the practice of routing traffic over multiple connectivity paths. Software-defined WAN (SD-WAN) simplifies the management of a hybrid WAN by centralizing management and providing business-policy orchestration and security. Both approaches have evolved to support changing network requirements in the cloud era.

Networking in the Cloud Era

Until recently, private data centers hosted most applications, networks used Multiprotocol Label Switching (MPLS) and all traffic was routed to the data center, which applied security protocols.

Today, most traffic is destined for the Internet. Worldwide revenue for public-cloud services is projected to grow 18.5 percent in 2017 to $260.2 billion, up from $219.6 billion in 2016.[1] Amazon Web Services (AWS), Microsoft Azure, and software-as-a-service (SaaS) applications such as Microsoft Office 365, Salesforce.com, ServiceNow and Box are now part of business-critical infrastructures.

In the cloud era, enterprises are demanding greater elasticity, agility and cost efficiencies from their networks. According to Gartner, “Public cloud computing has rendered traditional enterprise WAN architectures to be suboptimal, from a price and performance perspective.”[2]

For cloud applications, the traditional MPLS practice of backhauling introduces unacceptable performance degradation and network congestion. MPLS costs mushroom as consumption increases. As a workaround, some enterprises have poked holes in the firewall to allow direct Internet access. This practice improves performance but introduces unacceptable security risks.

Other changes have affected the network as well. New over-the-top (OTT) applications such as video streaming increase network congestion. Encrypted applications make determining the business priority of applications difficult, so all data is treated the same regardless of how critical it is. Lastly, with the growing adoption of IoT, large volumes of data are collected, stored and often analyzed at the edge.

Hybrid WAN Emerges

Hybrid WAN is the practice of routing traffic over multiple connectivity paths, taking into account the strengths and weaknesses of each. Using path selection, hybrid WANs can establish and/or redirect select traffic and application delivery along alternate routes in accordance with business policies and quality of service. When performance degrades or outages occur, traffic can be routed along alternate paths.

Hybrid WANs employ both Internet broadband and traditional MPLS for path selection. As the diagram above shows, both Internet broadband and MPLS have their inherent strengths and weaknesses. Internet broadband is ideal for direct-to-cloud traffic and additional capacity. Unlike MPLS, it enables acquisition of additional capacity without several-month delays. But Internet broadband is less secure and lower quality, so it may be poorly suited to in-house financial applications as well as applications that require high quality of service, such as WebEx.

“The future of the WAN is actually a hybrid one,” according to Shamus McGillicuddy of Enterprise Management Associates. “Most enterprises will operate networks that use both public and private connections, and application traffic will drive these connectivity choices.”[3]

SD-WAN Simplifies Hybrid WAN Management

Managing a hybrid WAN isn’t trivial. Command-line interfaces (CLIs) are manual, time consuming and error prone. Each device requires individual configuration, or administrators can write custom scripts to configure and update complex network policies.

For example, a hypothetical retailer with 500 remote stores would like to deploy a new video application that requires 10 new command-line codes per router (5,000 command lines total). On average, it takes 30 seconds to execute each of the commands—a total of one week to execute the change and roll out the new application. If an error is present, the administrator would need to inspect each of the 5,000 lines of code to identify it. Scripts can help, but they also introduce greater complexity and increase error rates.

Rather than using a CLI, SD-WAN gives administrators a central management portal to implement business-defined rules across the organization. Most network managers seek this ability to centrally monitor and manage traffic, as well as remotely provision their WAN, according to a Forrester survey.[4]

SD-WAN abstracts the network-device management from the devices. Network administrators create business and security policies and deploy them across WAN, wireless/wired LAN and cloud environments. This level of control boosts IT and business efficiencies and reduces operational management costs by approximately 20 percent. In addition to cutting opex costs, enterprises adopt SD-WAN for better application performance, direct and optimum cloud connectivity, and greater network security.

The right SD-WAN solution helps ensure application performance meets service levels and user expectations. Integrated WAN optimization can accelerate the performance of business-critical applications by reducing network congestion and latency. Integrated user, device and infrastructure monitoring helps IT administrators diagnose and resolve complex performance problems quickly in on-premises, cloud and mobile applications.

Using SD-WAN, enterprises can connect to SaaS and cloud platforms directly and securely. Administrators define policies to route SaaS applications directly over broadband connections to optimize performance and avoid higher costs associated with MPLS. Applications built on the AWS, Azure or Google Cloud public-cloud platforms can connect through a VPN over Internet broadband to ensure secure access.

Many SD-WAN solutions embed firewalls, user-identity controls, network segmentation and other security features. By segmenting traffic, network administrators can limit attack surfaces and appropriately contain visitor traffic.

SimplePay, an Australian payment provider, uses SD-WAN in its AWS environment. It can automate cloud connectivity to provide a consistent and secure connection globally. “There’s no truck roll, there’s no staff needed; it literally is one of the simplest deployments I’ve ever been involved in,” said Rob Gillan, the company’s CTO.

Modernizing the Network

By providing traffic-routing choices based on business needs, hybrid WANs can ameliorate congestion, cut costs and increase performance. Without SD-WAN technology, however, they can be cumbersome to manage. SD-WAN solutions provide central management and orchestration for hybrid WANs to further decrease operational costs and increase agility. For these reasons, industry analyst IDC expects the SD-WAN market to grow to $8 billion by 2021 as the technology becomes mainstream.